CVE-2001-0990

N/A Unknown

Published: September 04, 2001 Modified: April 16, 2026

Description

Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://www.inter7.com/vpopmail/ChangeLog

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/212036

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/bid/3284

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7076

Source: cve@mitre.org

http://www.inter7.com/vpopmail/ChangeLog

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/212036

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.securityfocus.com/bid/3284

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7076

Source: af854a3a-2127-422b-91ae-364da2661108

8 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.1%

21th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

inter7